diff options
Diffstat (limited to 'spec/services/clusters/aws/authorize_role_service_spec.rb')
-rw-r--r-- | spec/services/clusters/aws/authorize_role_service_spec.rb | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/spec/services/clusters/aws/authorize_role_service_spec.rb b/spec/services/clusters/aws/authorize_role_service_spec.rb index 302bae6e3ff..17bbc372675 100644 --- a/spec/services/clusters/aws/authorize_role_service_spec.rb +++ b/spec/services/clusters/aws/authorize_role_service_spec.rb @@ -40,7 +40,7 @@ RSpec.describe Clusters::Aws::AuthorizeRoleService do shared_examples 'bad request' do it 'returns an empty hash' do expect(subject.status).to eq(:unprocessable_entity) - expect(subject.body).to eq({}) + expect(subject.body).to eq({ message: message }) end it 'logs the error' do @@ -52,12 +52,14 @@ RSpec.describe Clusters::Aws::AuthorizeRoleService do context 'role does not exist' do let(:user) { create(:user) } + let(:message) { 'Error: Unable to find AWS role for current user' } include_examples 'bad request' end context 'supplied ARN is invalid' do let(:role_arn) { 'invalid' } + let(:message) { 'Validation failed: Role arn must be a valid Amazon Resource Name' } include_examples 'bad request' end @@ -69,18 +71,29 @@ RSpec.describe Clusters::Aws::AuthorizeRoleService do context 'error fetching credentials' do let(:error) { Aws::STS::Errors::ServiceError.new(nil, 'error message') } + let(:message) { 'AWS service error: error message' } + + include_examples 'bad request' + end + + context 'error in assuming role' do + let(:raw_message) { "User foo is not authorized to perform: sts:AssumeRole on resource bar" } + let(:error) { Aws::STS::Errors::AccessDenied.new(nil, raw_message) } + let(:message) { "Access denied: #{raw_message}" } include_examples 'bad request' end context 'credentials not configured' do let(:error) { Aws::Errors::MissingCredentialsError.new('error message') } + let(:message) { "Error: No AWS credentials were supplied" } include_examples 'bad request' end context 'role not configured' do let(:error) { Clusters::Aws::FetchCredentialsService::MissingRoleError.new('error message') } + let(:message) { "Error: No AWS provision role found for user" } include_examples 'bad request' end |